Change UPN?

Re: Change UPN?

to precise this a bit: of course, i can easily change the UPN using the AD Users & Computers Console or whatever kind of scripts. But the MPS holds the CN in the ProvisioningDB, and i don't want to run into inconsistent Data.

By the way: I'worried about inconsistent Data in various ways. Everybody in our house knows, that changes should only be made using the MPS. But sometimes people just do some quick klicks in Exchange MC or AD U&C. Is there a way to reload data from AD to
Prov-DB?

Re: Change UPN?

Re: Change UPN?

thank you for the hint. I'm not absolutely happy with this, since I have to delete the object before and have to know which plan to assign.

Maybe i'll try this, or i will write some extra script, which reads GUID and CN from AD and updates the CN in the MPS-DB based on the GUID. Then it should also be possible to automatically delete Objects from the MPS-DB which were deleted using the Users&Computers-SnapIn.

Re: Change UPN?

I never wrote an extension for a MMC snap-in. Is it difficult? (okay, bad question) Can I use .NET? Well I think i won't do this for this task, but maybe I should have a look on Development of own MMC SnapIns and Extension of existing ones, sounds interesting.

Re: Change UPN?

Re: Change UPN?

As soon as i use the <cn>-Attribute, provtest returns "Unable to open object 'LDAP://dc/CN=oldCN,Hosting-Path'./There is no such object on the server./ADsGetObject/GetProperties".

The Path to the user is correct. And when i remove the <cn> (which should - According to the SDK-Documentation - change the user's CN), i can change the UPN. But as i just got to know, I've also got to Change the CN, not only the UPN as initially asked.

Re: Change UPN?

i try to Update UPN and CN (but i could do this in two steps, if this would help), since we want to keep them both consistent.

Anyway: According to the MPS SDK Docu, one should be able to update the CN with the RenameUser-Procedure. But when I try this, i get an error, that the object wasn't found.

Docu for RenameUser:

<cn>

Optional parameter. If this parameter is supplied, it renames the user Active Directory object. This value should also be updated in the Customer Plans database commonname column of the customers table.

Re: Change UPN?

i had the time for some tests today, and i found out how you can use this Method to change CN.

It has to be

<cn>newCN,OU=...,OU=...,OU=...,DC=...,DC=...</cn>. So, you have to specify the complete path, but you don't have to use "cn=" (or "LDAP://CN=") at the beginning.

There are only two Problems:

1. MPS throws an error, even though the name was changed ("An error encountered while processing object 'LDAP:...'./There is no such object on the server./RenameObject"). That's what made Testing a bit hard.

2. More Seriously: The MPS-Database isn't updated, it keeps the old CN. So, the Method is more or less useless.

Re: Change UPN?

Re: Change UPN?

Why do you need to keep the CN consistant with the UPN? They are unrelated as is the users telephone AD and their CN. Our programmers locked this in, and its been nothing but a hassle - i highly recommend not trying to relate these fields as MPS wasnt
designed this way, nor is Active Directory.

Re: Change UPN?

there are some tasks left here, for which we still use the xml-Files and provtest. No user knows his CN, but everybody knows his eMail-Address and put's it down in his request. So, if CN = eMailAddress, you can just use this. If it's not equal, you have
to find out the CN first.

But since namechanges don't happen too often, we decided not to keep CN consistent.